key: Parse signatures that don't have a comment

author Michael Tremer <michael.tremer@ipfire.org>

Sun, 2 Feb 2025 16:32:02 +0000 (16:32 +0000)

committer Michael Tremer <michael.tremer@ipfire.org>

Sun, 2 Feb 2025 16:32:02 +0000 (16:32 +0000)
author Michael Tremer <michael.tremer@ipfire.org>
Sun, 2 Feb 2025 16:32:02 +0000 (16:32 +0000)
committer Michael Tremer <michael.tremer@ipfire.org>
Sun, 2 Feb 2025 16:32:02 +0000 (16:32 +0000)
diff --git a/src/pakfire/key.c b/src/pakfire/key.c

index 18226b97f555d4d8b69b5e13572f5d8fc64100b5..384321c33d55fffad3b9022abb64eac771ee4a60 100644 (file)
--- a/src/pakfire/key.c
+++ b/src/pakfire/key.c
@@ -901,7 +901,7 @@ static int pakfire_key_read_signature(struct pakfire_key* key,
                 struct pakfire_key_signature* signature, FILE* f) {
         void* buffer = NULL;
         size_t buffer_length = 0;
-       int r = -EINVAL;
+       int r;
  
         char* line = NULL;
         size_t length = 0;
@@ -915,53 +915,48 @@ static int pakfire_key_read_signature(struct pakfire_key* key,
                 // Increment the line counter
                 lineno++;
  
-               switch (lineno) {
-                       // The first line must start with "untrusted comment:"
-                       case 1:
-                               if (!pakfire_string_startswith(line, "untrusted comment:")) {
-                                       ERROR(key->ctx, "The first line must start with 'untrusted comment:'\n");
-                                       r = -EINVAL;
-                                       goto ERROR;
-                               }
-                               break;
+               // Don't parse any comments
+               if (pakfire_string_startswith(line, "untrusted comment:"))
+                       continue;
  
-                       // The second line should hold the signature
-                       case 2:
-                               // Decode the key
-                               r = pakfire_b64decode(key->ctx, &buffer, &buffer_length, line);
-                               if (r) {
-                                       ERROR(key->ctx, "Could not decode the signature: %m\n");
-                                       r = -EINVAL;
-                                       goto ERROR;
-                               }
+               // Decode the signature
+               r = pakfire_b64decode(key->ctx, &buffer, &buffer_length, line);
+               if (r) {
+                       ERROR(key->ctx, "Could not decode the signature: %m\n");
+                       r = -EINVAL;
+                       goto ERROR;
+               }
  
-                               // What kind of signature do we have?
-                               switch (buffer_length) {
-                                       case sizeof(*signature):
-                                               // Copy the buffer to the signature
-                                               memcpy(signature, buffer, sizeof(*signature));
-
-                                               // Check if we support the signature type
-                                               if (signature->sig_algo[0] != 'E' || signature->sig_algo[1] != 'd') {
-                                                       ERROR(key->ctx, "Unknown signature type\n");
-                                                       r = -ENOTSUP;
-                                                       goto ERROR;
-                                               }
-                                               break;
+               // What kind of signature do we have?
+               switch (buffer_length) {
+                       case sizeof(*signature):
+                               // Copy the buffer to the signature
+                               memcpy(signature, buffer, sizeof(*signature));
  
-                                       default:
-                                               ERROR(key->ctx, "Unknown signature type\n");
-                                               r = -ENOTSUP;
-                                               goto ERROR;
+                               // Check if we support the signature type
+                               if (signature->sig_algo[0] != 'E' || signature->sig_algo[1] != 'd') {
+                                       ERROR(key->ctx, "Unknown signature type\n");
+                                       r = -ENOTSUP;
+                                       goto ERROR;
                                 }
-                               break;
  
-                       // Ignore any further data
+                               // Done
+                               r = 0;
+                               goto ERROR;
+
                         default:
-                               break;
+                               ERROR(key->ctx, "Unknown signature type\n");
+                               r = -ENOTSUP;
+                               goto ERROR;
                 }
+
+               // Only ever parse one signature
+               break;
         }
  
+       // Fail if we had nothing to read
+       r = -ENODATA;
+
  ERROR:
         if (buffer)
                 free(buffer);
author	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 2 Feb 2025 16:32:02 +0000 (16:32 +0000)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 2 Feb 2025 16:32:02 +0000 (16:32 +0000)